Besides, there are enough legitimate uses for webcam viewing software that you could just take a regular signed program and configure it in a deceptive manner. Modern web-browsers allow camera access without additional software, for example.
I'm all for software being signed as a matter of routine but this is not something that it would help.
They cannot, but they can revoke certificates from malware developers after the fact. And requiring a developer program would vastly reduce the number teenagers tricking people into installing a thing. Allowing self-signed roots would let more technical users manage their own security and install their own apps.
A solution to configuration files is to include them in what is signed or not allow your software to have the webcam on without also showing a window explaining what is happening and a button to turn it off. Modern web browsers typically ask for permission to use the webcam beforehand, and you can always close that page.
I guess there would still be shenanigans with signed binaries but there would be far fewer than what is going on here.
Besides, there are enough legitimate uses for webcam viewing software that you could just take a regular signed program and configure it in a deceptive manner. Modern web-browsers allow camera access without additional software, for example.
I'm all for software being signed as a matter of routine but this is not something that it would help.